CVE-2026-46232
HID PlayStation Driver Touch Report Array Overflow
Publication date: 2026-05-28
Last updated on: 2026-05-28
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux_kernel | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's handling of PlayStation controller touch reports. Specifically, the function dualshock4_parse_report processes touch input data from the device. If a device falsely reports the number of touch reports, the function may read beyond the end of the touch_reports array, potentially by up to about 2 KiB of memory. This happens because the loop iterates up to the device-reported count (num_touch_reports) without validating it against the array size. The fix clamps num_touch_reports to the maximum size of the touch_reports array, which prevents the out-of-bounds read.
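A minimal user-space model of the clamp described above, added here as an illustration; it is not the kernel's code. The struct layout, the `MAX_TOUCH_REPORTS` value and all function names other than the two field names taken from the text are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_TOUCH_REPORTS 3            /* assumed array size, for this sketch only */

struct touch_report {                  /* constructed 9-byte layout, not the driver's */
    uint8_t timestamp;
    uint8_t points[8];
};

struct input_report {
    uint8_t num_touch_reports;         /* device-controlled count */
    struct touch_report touch_reports[MAX_TOUCH_REPORTS];
};

/* Count the parser may iterate: the device's claim, clamped to the array size. */
size_t clamped_touch_count(const struct input_report *r)
{
    size_t n = r->num_touch_reports;
    return n > MAX_TOUCH_REPORTS ? MAX_TOUCH_REPORTS : n;
}

/* Bytes past the array that a loop trusting the raw count would read. */
size_t unclamped_overread_bytes(const struct input_report *r)
{
    size_t n = r->num_touch_reports;
    if (n <= MAX_TOUCH_REPORTS)
        return 0;
    return (n - MAX_TOUCH_REPORTS) * sizeof(struct touch_report);
}

/* Stand-in for the parse loop: sums timestamps instead of emitting input events. */
unsigned parse_touch_reports(const struct input_report *r)
{
    unsigned acc = 0;
    for (size_t i = 0; i < clamped_touch_count(r); i++)
        acc += r->touch_reports[i].timestamp;
    return acc;
}

int main(void)
{
    /* Constructed report: claims 255 entries, carries only 3. */
    struct input_report r = { 255, { { 1, {0} }, { 2, {0} }, { 3, {0} } } };
    printf("iterated=%zu skipped_overread=%zu sum=%u\n",
           clamped_touch_count(&r), unclamped_overread_bytes(&r), parse_touch_reports(&r));
    return 0;
}
```

With the constructed 9-byte entry, a one-byte count of 255 would put an unclamped loop 2268 bytes past the array; the clamp keeps the loop inside the three entries that exist.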
How can this vulnerability impact me?
If exploited, this vulnerability could cause the Linux kernel to read memory beyond the intended buffer when processing touch input from a PlayStation controller. This out-of-bounds read could potentially expose sensitive kernel memory data or cause system instability. The data read might be emitted via the evdev interface, which could lead to unintended information disclosure or other unpredictable behavior.